From 32bc319387f5c790b4cde907c3a48cb1f8f89660 Mon Sep 17 00:00:00 2001
From: Stephen Zhou <38493346+hyoban@users.noreply.github.com>
Date: Wed, 14 Jan 2026 17:44:18 +0800
Subject: [PATCH] refactor: remove WebAppAccessToken

---
 web/app/(shareLayout)/components/splash.tsx       |  5 +----
 .../webapp-signin/check-code/page.tsx             |  5 +----
 .../components/mail-and-password-auth.tsx         |  6 +-----
 .../signin/components/mail-and-password-auth.tsx  |  5 -----
 web/config/index.ts                               |  1 -
 web/service/fetch.ts                              |  7 +------
 web/service/share.ts                              |  4 ----
 web/service/webapp-auth.ts                        | 15 +--------------
 8 files changed, 5 insertions(+), 43 deletions(-)

diff --git a/web/app/(shareLayout)/components/splash.tsx b/web/app/(shareLayout)/components/splash.tsx
index 9f89a03993..d70dd0b711 100644
--- a/web/app/(shareLayout)/components/splash.tsx
+++ b/web/app/(shareLayout)/components/splash.tsx
@@ -7,7 +7,7 @@ import AppUnavailable from '@/app/components/base/app-unavailable'
 import Loading from '@/app/components/base/loading'
 import { useWebAppStore } from '@/context/web-app-context'
 import { fetchAccessToken } from '@/service/share'
-import { setWebAppAccessToken, setWebAppPassport, webAppLoginStatus, webAppLogout } from '@/service/webapp-auth'
+import { setWebAppPassport, webAppLoginStatus, webAppLogout } from '@/service/webapp-auth'
 
 const Splash: FC<PropsWithChildren> = ({ children }) => {
   const { t } = useTranslation()
@@ -40,9 +40,6 @@ const Splash: FC<PropsWithChildren> = ({ children }) => {
       return
     }
 
-    if (tokenFromUrl)
-      setWebAppAccessToken(tokenFromUrl)
-
     const redirectOrFinish = () => {
       if (redirectUrl)
         router.replace(decodeURIComponent(redirectUrl))
diff --git a/web/app/(shareLayout)/webapp-signin/check-code/page.tsx b/web/app/(shareLayout)/webapp-signin/check-code/page.tsx
index afea9d668b..a90bf4a331 100644
--- a/web/app/(shareLayout)/webapp-signin/check-code/page.tsx
+++ b/web/app/(shareLayout)/webapp-signin/check-code/page.tsx
@@ -12,7 +12,7 @@ import { useLocale } from '@/context/i18n'
 import { useWebAppStore } from '@/context/web-app-context'
 import { sendWebAppEMailLoginCode, webAppEmailLoginWithCode } from '@/service/common'
 import { fetchAccessToken } from '@/service/share'
-import { setWebAppAccessToken, setWebAppPassport } from '@/service/webapp-auth'
+import { setWebAppPassport } from '@/service/webapp-auth'
 import { encryptVerificationCode } from '@/utils/encryption'
 
 export default function CheckCode() {
@@ -66,9 +66,6 @@ export default function CheckCode() {
       setIsLoading(true)
       const ret = await webAppEmailLoginWithCode({ email, code: encryptVerificationCode(code), token })
       if (ret.result === 'success') {
-        if (ret?.data?.access_token) {
-          setWebAppAccessToken(ret.data.access_token)
-        }
         const { access_token } = await fetchAccessToken({
           appCode: appCode!,
           userId: embeddedUserId || undefined,
diff --git a/web/app/(shareLayout)/webapp-signin/components/mail-and-password-auth.tsx b/web/app/(shareLayout)/webapp-signin/components/mail-and-password-auth.tsx
index e49559401d..27a4bb9359 100644
--- a/web/app/(shareLayout)/webapp-signin/components/mail-and-password-auth.tsx
+++ b/web/app/(shareLayout)/webapp-signin/components/mail-and-password-auth.tsx
@@ -12,7 +12,7 @@ import { useLocale } from '@/context/i18n'
 import { useWebAppStore } from '@/context/web-app-context'
 import { webAppLogin } from '@/service/common'
 import { fetchAccessToken } from '@/service/share'
-import { setWebAppAccessToken, setWebAppPassport } from '@/service/webapp-auth'
+import { setWebAppPassport } from '@/service/webapp-auth'
 import { encryptPassword } from '@/utils/encryption'
 
 type MailAndPasswordAuthProps = {
@@ -82,10 +82,6 @@ export default function MailAndPasswordAuth({ isEmailSetup }: MailAndPasswordAut
         body: loginData,
       })
       if (res.result === 'success') {
-        if (res?.data?.access_token) {
-          setWebAppAccessToken(res.data.access_token)
-        }
-
         const { access_token } = await fetchAccessToken({
           appCode: appCode!,
           userId: embeddedUserId || undefined,
diff --git a/web/app/signin/components/mail-and-password-auth.tsx b/web/app/signin/components/mail-and-password-auth.tsx
index 92165bb65b..b8ce628127 100644
--- a/web/app/signin/components/mail-and-password-auth.tsx
+++ b/web/app/signin/components/mail-and-password-auth.tsx
@@ -11,7 +11,6 @@ import Toast from '@/app/components/base/toast'
 import { emailRegex } from '@/config'
 import { useLocale } from '@/context/i18n'
 import { login } from '@/service/common'
-import { setWebAppAccessToken } from '@/service/webapp-auth'
 import { encryptPassword } from '@/utils/encryption'
 import { resolvePostLoginRedirect } from '../utils/post-login-redirect'
 
@@ -65,10 +64,6 @@ export default function MailAndPasswordAuth({ isInvite, isEmailSetup, allowRegis
         body: loginData,
       })
       if (res.result === 'success') {
-        if (res?.data?.access_token) {
-          // Track login success event
-          setWebAppAccessToken(res.data.access_token)
-        }
         trackEvent('user_login_success', {
           method: 'email_password',
           is_invite: isInvite,
diff --git a/web/config/index.ts b/web/config/index.ts
index b804629048..80e9236be0 100644
--- a/web/config/index.ts
+++ b/web/config/index.ts
@@ -179,7 +179,6 @@ export const CSRF_COOKIE_NAME = () => {
   return isSecure ? '__Host-csrf_token' : 'csrf_token'
 }
 export const CSRF_HEADER_NAME = 'X-CSRF-Token'
-export const ACCESS_TOKEN_LOCAL_STORAGE_NAME = 'access_token'
 export const PASSPORT_LOCAL_STORAGE_NAME = (appCode: string) => `passport-${appCode}`
 export const PASSPORT_HEADER_NAME = 'X-App-Passport'
 
diff --git a/web/service/fetch.ts b/web/service/fetch.ts
index d6f1af3b3f..fcbe275508 100644
--- a/web/service/fetch.ts
+++ b/web/service/fetch.ts
@@ -4,7 +4,7 @@ import Cookies from 'js-cookie'
 import ky from 'ky'
 import Toast from '@/app/components/base/toast'
 import { API_PREFIX, APP_VERSION, CSRF_COOKIE_NAME, CSRF_HEADER_NAME, IS_MARKETPLACE, MARKETPLACE_API_PREFIX, PASSPORT_HEADER_NAME, PUBLIC_API_PREFIX, WEB_APP_SHARE_CODE_HEADER_NAME } from '@/config'
-import { getWebAppAccessToken, getWebAppPassport } from './webapp-auth'
+import { getWebAppPassport } from './webapp-auth'
 
 const TIME_OUT = 100000
 
@@ -93,11 +93,6 @@ const resolveShareCode = () => {
 }
 
 const beforeRequestPublicWithCode = (request: Request) => {
-  const accessToken = getWebAppAccessToken()
-  if (accessToken)
-    request.headers.set('Authorization', `Bearer ${accessToken}`)
-  else
-    request.headers.delete('Authorization')
   const shareCode = resolveShareCode()
   if (!shareCode)
     return
diff --git a/web/service/share.ts b/web/service/share.ts
index 203dc896db..db44314759 100644
--- a/web/service/share.ts
+++ b/web/service/share.ts
@@ -42,7 +42,6 @@ import {
   postPublic as post,
   ssePost,
 } from './base'
-import { getWebAppAccessToken } from './webapp-auth'
 
 function getAction(action: 'get' | 'post' | 'del' | 'patch', isInstalledApp: boolean) {
   switch (action) {
@@ -305,9 +304,6 @@ export const textToAudioStream = (url: string, isPublicAPI: boolean, header: { c
 export const fetchAccessToken = async ({ userId, appCode }: { userId?: string, appCode: string }) => {
   const headers = new Headers()
   headers.append(WEB_APP_SHARE_CODE_HEADER_NAME, appCode)
-  const accessToken = getWebAppAccessToken()
-  if (accessToken)
-    headers.append('Authorization', `Bearer ${accessToken}`)
   const params = new URLSearchParams()
   if (userId)
     params.append('user_id', userId)
diff --git a/web/service/webapp-auth.ts b/web/service/webapp-auth.ts
index 7a9abd9599..bfcbf97103 100644
--- a/web/service/webapp-auth.ts
+++ b/web/service/webapp-auth.ts
@@ -1,26 +1,14 @@
-import { ACCESS_TOKEN_LOCAL_STORAGE_NAME, PASSPORT_LOCAL_STORAGE_NAME } from '@/config'
+import { PASSPORT_LOCAL_STORAGE_NAME } from '@/config'
 import { getPublic, postPublic } from './base'
 
-export function setWebAppAccessToken(token: string) {
-  localStorage.setItem(ACCESS_TOKEN_LOCAL_STORAGE_NAME, token)
-}
-
 export function setWebAppPassport(shareCode: string, token: string) {
   localStorage.setItem(PASSPORT_LOCAL_STORAGE_NAME(shareCode), token)
 }
 
-export function getWebAppAccessToken() {
-  return localStorage.getItem(ACCESS_TOKEN_LOCAL_STORAGE_NAME) || ''
-}
-
 export function getWebAppPassport(shareCode: string) {
   return localStorage.getItem(PASSPORT_LOCAL_STORAGE_NAME(shareCode)) || ''
 }
 
-export function clearWebAppAccessToken() {
-  localStorage.removeItem(ACCESS_TOKEN_LOCAL_STORAGE_NAME)
-}
-
 export function clearWebAppPassport(shareCode: string) {
   localStorage.removeItem(PASSPORT_LOCAL_STORAGE_NAME(shareCode))
 }
@@ -44,7 +32,6 @@ export async function webAppLoginStatus(shareCode: string, userId?: string) {
 }
 
 export async function webAppLogout(shareCode: string) {
-  clearWebAppAccessToken()
   clearWebAppPassport(shareCode)
   await postPublic('/logout')
 }